Fibratus is a tool which is able to capture the most of the Windows kernel activity – process/thread creation and termination, context switches, file system I/O, registry, network activity, DLL loading/unloading and much more.
The kernel events can be easily streamed to a number of output sinks like AMQP message brokers, Elasticsearch clusters or standard output stream.
You can use filaments (lightweight Python modules) to extend it with your own arsenal of tools and so leverage the power of the Python’s ecosystem.
Also Read : Crashcast-Exploit : Tool To Mass Play YouTube Video, Terminate Apps & Rename Chromecast Device
Download the latest release (Windows installer). The changelog and older releases can be found here.
Alternatively, you can get it from PyPI.
kstreamc extension). Make sure to export the VS100COMNTOOLS environment variable so it points to %VS140COMNTOOLS%.pip install Cython >=0.23.4.pip install fibratus
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…